Roles & Permissions
Fluxalyze uses four named roles with increasing privilege levels. Every action in the system is gated by role.
Role overview
Owner
Only one per tenant. Full control: billing, SSO config, user management, locking versions, deleting plans.
Admin
Can approve/reject versions, invite users, configure guardrails, install formula packs, manage dimensions.
Planner
Can create plans, import data, run formulas, run what-if simulations, and submit versions for approval.
Viewer
Read-only access to approved and locked versions. Cannot modify data, import, or submit approvals.
Permission matrix
| Action | owner | admin | planner | viewer |
|---|---|---|---|---|
| Plan management | | | | |
| Create / delete plan | ✓ | ✓ | ✓ | — |
| Add / edit dimensions | ✓ | ✓ | ✓ | — |
| Import Excel data | ✓ | ✓ | ✓ | — |
| Run recalculation | ✓ | ✓ | ✓ | — |
| Version lifecycle | | | | |
| Submit version for approval | ✓ | ✓ | ✓ | — |
| Approve / reject version | ✓ | ✓ | — | — |
| Lock version | ✓ | — | — | — |
| Clone / snapshot version | ✓ | ✓ | ✓ | — |
| Analysis | | | | |
| View grid / plan data | ✓ | ✓ | ✓ | ✓ |
| Run What-If simulation | ✓ | ✓ | ✓ | — |
| View variance analysis | ✓ | ✓ | ✓ | ✓ |
| Export to Excel | ✓ | ✓ | ✓ | ✓ |
| Administration | | | | |
| Invite users | ✓ | ✓ | — | — |
| Change user roles | ✓ | — | — | — |
| Install formula packs | ✓ | ✓ | — | — |
| Configure guardrails | ✓ | ✓ | — | — |
| Enable / configure SSO | ✓ | — | — | — |
| View audit trail | ✓ | ✓ | — | — |
| Delete tenant / billing | ✓ | — | — | — |
Invitation flow
Users must be explicitly invited. There is no self-registration without an invite token.
1. Admin navigates to Tenant Admin → Invite User
   Email: analyst@acme.local
   Role: planner
   [Send invitation]
2. The system sends an email containing a unique token URL
   https://app.fluxalyze.io/auth/accept-invite?token=e3b0c44298fc...
   (expires in 48 hours)
3. Invitee clicks the link, sets a password, and is activated
   On activation, the user is bound to the tenant with the assigned role. Session is created automatically — no second login required.
4. Owner can change the role at any time from Tenant Admin → Users
   Downgrading a planner → viewer immediately revokes their ability to import, submit, or run simulations without affecting their read access.
Dimension-level permissions
Beyond role-level access, Fluxalyze supports dimension-level restrictions. An admin can limit a planner's access to specific entities or time periods.
| User | Role | Allowed ENTITY codes | Allowed TIME codes | Effect |
|---|---|---|---|---|
| emea.planner@acme.local | planner | EMEA | 2026-Q1, 2026-Q2, 2026-Q3, 2026-Q4 | Can only import/edit rows where entity_code = EMEA |
| hq.readonly@acme.local | viewer | HQ | 2026-Q1 | Can only view HQ Q1 data — other cells are masked |
Configure dimension restrictions under Tenant Admin → Users → [user] → Dimension Permissions.
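A deny-by-default check that combines the permission matrix with the dimension restrictions described above, as an added example and not Fluxalyze's own code. The action names, the `User` fields, the `time_code` column and the sample rows are assumptions made for illustration; `entity_code` and the two users come from the table above.

```python
from dataclasses import dataclass
from typing import Optional

# A subset of the permission matrix: action -> roles allowed to perform it.
# Action names are hypothetical labels for matrix rows, not Fluxalyze identifiers.
MATRIX = {
    "view_data": {"owner", "admin", "planner", "viewer"},
    "import_data": {"owner", "admin", "planner"},
    "approve_version": {"owner", "admin"},
    "lock_version": {"owner"},
}
ROW_ACTIONS = {"view_data", "import_data"}  # actions that target a specific row

@dataclass
class User:
    email: str
    role: str
    entities: Optional[set] = None  # None = no dimension restriction configured
    periods: Optional[set] = None

def allowed(user, action, entity=None, period=None):
    """Deny by default: unknown action, wrong role, or out-of-scope row all fail."""
    if user.role not in MATRIX.get(action, set()):
        return False
    if action in ROW_ACTIONS:
        if entity is None or period is None:
            return False  # a row action without a row cannot be scoped
        if user.entities is not None and entity not in user.entities:
            return False
        if user.periods is not None and period not in user.periods:
            return False
    return True

def mask_rows(user, rows):
    """Keep every row, but blank the value of cells the user may not view."""
    return [r if allowed(user, "view_data", r["entity_code"], r["time_code"])
            else {**r, "value": None} for r in rows]

# The two users from the table above; the rows are constructed sample data.
emea = User("emea.planner@acme.local", "planner", {"EMEA"},
            {"2026-Q1", "2026-Q2", "2026-Q3", "2026-Q4"})
hq = User("hq.readonly@acme.local", "viewer", {"HQ"}, {"2026-Q1"})
ROWS = [
    {"entity_code": "HQ", "time_code": "2026-Q1", "value": 120},
    {"entity_code": "HQ", "time_code": "2026-Q2", "value": 135},
    {"entity_code": "EMEA", "time_code": "2026-Q1", "value": 80},
]

if __name__ == "__main__":
    print(allowed(emea, "import_data", "EMEA", "2026-Q1"))
    print([r["value"] for r in mask_rows(hq, ROWS)])
```

Because the role is read on every call rather than cached with the session, changing a user's role from planner to viewer takes effect on the next check.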
Single Sign-On (SSO)
Fluxalyze supports SAML 2.0 and OIDC SSO. When enabled, users are redirected to your identity provider on login and bypass the invite-token password flow.
| Provider | Protocol | Auto-provision users? | Role mapping |
|---|---|---|---|
| Azure AD / Entra ID | OIDC | Yes — on first login | Map AAD group → Fluxalyze role in Settings |
| Okta | SAML 2.0 / OIDC | Yes — on first login | Use custom attribute fluxalyze_role |
| Google Workspace | OIDC | Yes — on first login | Domain-restricted; default role configurable |
| Custom SAML | SAML 2.0 | Yes — on first login | Map role attribute from assertion |